It would be good if the "Remember Me" option would remember only the email address and not require the password as well. Essentials does this already. This is a security risk!
Hi @jenniek, in regard to using my.myob logins to access cloud files, I think MYOB needs to be aware of what has been happening, as reported by consultants and their clients.
One consultant reported recently that his email account and his my.myob login had been hacked, and a good number of his many clients' cloud files had been accessed at times when he was asleep or not working. Supplier bank accounts had been changed. It's unclear whether actual losses eventuated, but fraudulent payments had been created ready for submission.
Another consultant has reported a loss due to an IT consultant's login being compromised or misused.
At least one other consultant has reported fraud arising from unauthorised changes to supplier bank accounts.
The risks are now too great to ignore.
Could MYOB please action Jennie's suggestion as a mattter of utmost urgency?
Two-factor authentication of my.myob logins has been suggested as the best approach to deter hackers. It would be unwise to merely rely on consultants to change their passwords regularly, but if that could be enforced, and strong passwords enforced also, then the risks could be minimised.